CONVERSATIONS

DATA

& CONSENT

Join the conversation on:

DATA & CONSENT

Featuring Usama Khilji (Bolo Bhi)

Usama Khilji, Director of Bolo Bhi, joins us for a conversation on consent in regards to the international importance of digital and privacy rights in face of censorship, cybercrime and surveillance as well as the right to be forgotten.

Available on your favourite platforms, via
“Consent is so important because it is intrinsically linked to the dignity of a human being which underpins the entire notion and idea of human rights.”
Personal Dimension
“Can a dead body consent to being photographed? That is the question we need to ask ourselves. Of course, they cannot so if they cannot then you do not post a photo of a dead body. If you want to show what is happening, you blur it.”
Interpersonal Dimension
“Governments have a responsibility; especially under the United Nations guiding principles of business and human rights.”
Societal Dimension
Previous
Next

Key Terms and Definitions

Here we clarified key terms and definitions to understand the topic better.

“Camfecting is a term describing a situation where hackers utilize a device’s camera for unauthorized purposes. It is called camfecting because the hacking behaviour infects the camera. Camfecting is a significant concern in today’s security world.”

Techopedia

“Cyber Sextortion is a form of scareware extortion in which the attacker contacts the victim to claim (almost invariably falsely) to have obtained images of the victim pleasuring themselves while viewing an adult site, and threatening to share the embarrassing images with acquaintances of the victim. The victim is asked to pay a ransom, or else.”

Cyberwire

“Digital literacy refers to the skills required to achieve digital competence, the confident and critical use of information and communication technology (ICT) for work, leisure, learning and communication.”

Eurostat

“A hacker is someone who gets into other people’s computer systems without permission in order to find out information or to do something illegal.”

Cambridge Dictionary

“Online impersonation includes any action which uses Internet access or electronic communication to assume the identity of another person.”

Sharp Criminal Attorney

“Phishing is the activity of tricking people by getting them to give their identity, bank account numbers, etc. over the Internet or by e-mail, and then using these to steal money from them.”

Oxford Learners Dictionary

“Ransomware is a type of software that is designed to block access to a computer system until a sum of money is paid.”

Oxford Learners Dictionary

Did you know… ?

Here are facts and figures on the topic.

47 per cent of Americans experienced financial identity theft in 2020.

On average, across OECD countries with available data from March 2019, about 12% of girls aged 15 report having been cyberbullied, compared to 8% for boys.

More men are using the internet (55% of the male population) than women (48% of the female population)

ITU

In 2020, there were 1,108 data breaches in the United States of America.

Want to help spread the word? Share our animation on DATA

Here are a few quick facts and some easy to understand information on this topic. Feel free to post to your social media accounts to get your friends involved.

Share now:

Facebook
Twitter
Reddit
Play Video

Data Resources

Check out the following resources to learn more about Data and Consent.

Privacy Advisor Podcast

PODCAST

This podcast is focused on contemporary issues in data privacy and cyber-security.

General Data Protection Regulation (GDPR)

LAW

GDPR.eu is a resource for organizations and individuals researching the General Data Protection Regulation. Here you’ll find a library of straightforward and up-to-date information.

Cybersecurity: Managing Risk in the Information Age

ONLINE COURSE

Follow this campaign to regulate the global porn industry by highlighting that viewing illegal, stolen and non-consensual content is wrong.

Data Protection Report

REPORT

The Data Protection Report provides thought leadership on emerging privacy, data protection and cybersecurity issues.

Why do we need data on violence against women?

YOUTUBE CHANNEL

Europe Institute for Gender Equality has launched a series of videos on gender-based violence.

Data feminism

BOOK

Data feminism by Catherine D’Ignazio and Lauren F. Klein in a new way of thinking about data science and data ethics that is informed by the ideas of intersectional feminism.

Myth Busters

Data and consent are topics that are often misunderstood because of the myths surrounding them, here we want to clean up some of the most prominent misconceptions.

Data protection is a waste of time.

Mishandling personal data can ruin lives.

Abuse of one’s own or the data of a person close to them causes harm. Consent is an important aspect when it comes to protecting data.

Data protection is an IT issue.

Data protection is as much a social as an IT issue.

Every person has a right to privacy which protects them and their human dignity. Data protection plays a vital part in this.

If one has nothing to hide, it does not matter who receives their data.

Personal data should always only be shared with full consent.

Our personal data has value. Consequences of revealing personal information can be severe. Data reveals our identity. The value of this data changes over time depending on who has access to it and the context in which personal data is being used. Receiving or giving out data is never trivial.

How to…

Check out these guidelines that help you to have conversations on consent.

… secure access to personal data.

Advice: One of the easiest ways to secure one’s data that is very seldomly practiced is to choose secure passwords. All passwords should be different from one another and hard to guess. Make sure your passwords are at least eight characters long, with a mix of upper and lower case, and include numbers or other characters, and never use the auto-complete feature for passwords.

... secure one’s bank account details.

Advice: Don’t access personal or financial data with public Wi-Fi. It’s best to do those things on a secure connection.

… avoid access to personal messages.

Advice: End-to-end encryption makes it near-impossible for anyone — even the app maker — to see what’s being said.

Data and Consent Cases

Here we highlight prominent cases.

Cassidy Wolf and Jared James Abrahams

CASE:
In November 2013, American teenager Jared James Abrahams pleaded guilty to hacking over 100-150 women and installing the highly invasive malware Blackshades on their computers in order to obtain nude images and videos of them. One of his victims was Miss Teen USA 2013 Cassidy Wolf. He was sentenced to 18 months in prison.

ANALYSIS:
Hacking people’s devices is a real threat that can be avoided when taking necessary precautions. Yet it is important to have consent-based laws in place when it comes to the digital world in order to prosecute people who are infringing on other people’s privacy and obtain information that is private, intimate and should remain confidential.

Know Your Rights

The protection of data and privacy rights is of utmost importance and it is important to understand the rights you have in this domain.

Interpretations of Consent and Data

According to each country data protection and privacy rights differ.

European Union (EU)

The EU General Data Protection Regulation (GDPR) defines personal data as any information that relates to an individual who can be directly or indirectly identified. Names and email addresses are obviously personal data. Location information, ethnicity, gender, biometric data, religious beliefs, web cookies, and political opinions can also be personal data.
There are strict new rules about what constitutes consent from a data subject to process their information, namely: consent must be “freely given, specific, informed and unambiguous.”, requests for consent must be “clearly distinguishable from the other matters” and presented in “clear and plain language.”; data subjects can withdraw previously given consent whenever they want, and controllers have to honor their decision. Moreover, children under 13 can only give consent with permission from a parent and controllers need to keep documentary evidence of consent.
Law: Recitals 32, 42 and 43 and Article 7 of the GDPR
(europa.eu)

India

Inspired by the GDPR, the Personal Data Protection (PDP) Bill was proposed in 2019 to bring about a comprehensive overhaul to India’s current data protection regime, which is currently governed by the Information Technology Act, 2000 and the rules thereunder.

According to the current rules, collecting entities must obtain consent in order to collect the data. However, the PDP Bill provides for certain bases on which collecting entities can rely to process personal data, such as: consent having been gi ven or employment purposes.
Law: THE PERSONAL DATA PROTECTION BILL, 2019
(Personal Data Protection Bill)

United States

There is no single principal data protection legislation in the United States. Instead, there are several laws at both state and federal levels aiming to protect the personal data of US citizens. These laws vary considerably in their purpose and scope. Most impose data protection obligations on specific industry participants or specific types of data, such as children’s data.
Consent also differs from regulation to regulation. For example, in contrast to the Health Insurance Portability and Accountability Act (HIPAA) or Gramm-Leach-Bliley Act (GLBA), there are no privacy provisions in the Fair Credit Reporting Act (FCRA) requiring entities to provide notice to a consumer or to obtain his opt-in or opt-out consent before collecting or disclosing the consumer’s data to third parties.
However, he Privacy Act is a United States federal law enacted on December 31, 1974, to govern the collection, use, and dissemination of PII about individuals held by federal agencies. The general rule under the Privacy Act is that an agency cannot disclose a record contained in a system of records unless the individual to whom the record pertains gives prior written consent to the disclosure. There are twelve exceptions to this general rule.
Law: Privacy Act
(Overview of The Privacy Act of 1974 (2020 Edition))

We are evolving as we share

Let us know about your comments and feedback on the information provided on our website. Is there anything to be added or adjusted? Simply contact us.

Stay up to date with the latest podcasts, new resources, and progress with our petition.

Subscribe to the newsletter

This campaign was produced with the financial support of the European Union within the framework of the European Union Sivil Düşün Programme. Its contents are the sole responsibility of Nicole Bogott/The Philia Project e.V. and do not necessarily reflect the views of the European Union.

Copyright © All Rights Reserved by Philia